Configure Attack Surface Reduction in Windows 10

Attack Surface Reduction is a new security feature of Windows Defender Exploit Guard on Windows 10 that Microsoft introduced in the Fall Creators Update.

Attack Surface Reduction may prevent common actions of malicious software that is run on Windows 10 devices that have the feature enabled.

The feature is rules based, and designed to target actions and behavior that is typically of malware. You may enable rules that block the execution of obfuscated scripts, executable content in mail clients, or Office from spawning child processes.

Attack Surface Reduction is only available if you enable real-time protection in Windows Defender Antivirus.

Attack Surface Reduction rules

The following rules are available in the Windows 10 Fall Creators Update:

Attack Surface Reduction is a new security feature of Windows Defender Exploit Guard on Windows 10 that Microsoft introduced in the Fall Creators Update.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

About Martin Brinkmann

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News Back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand.You can follow Martin on Facebook, Twitter or Google+

With just two exceptions (gaming and education) MS seems to be turning its focus to enterprise and away from the consumer market. KB4046355 on Win10 v.1709 made Media Player an on-demand feature. I believe that’s to mitigate any vulnerability in Win10 that might threaten enterprise installations (i.e. system hardening). System hardening may become the default.

Your work on this appears to be outstanding, but how many Home users will spend the time to implement this, and risk troubleshooting the consequence of an implementation error that might not show up for days or weeks later? This process may be better than using the old EMET, but needs an automation and rollback process to make changes controllable and incrementally reversible.

Does Attack Surface Reduction require Windows Defender Antivirus. I mean does Attack Surface Reduction work with third party security software. Do new security features introduced in the Fall Creators Update require Windows Defender Antivirus.

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.